- Incident Response The Adversarial Cycle of Computer Attacks and Defenses
The adversarial cycle has four phases: Attack (unfettered), Detect (forming response), Defense (attack rendered ineffective), and Mutate (attacker adapts). Defenders shorten Attack/Detect through...
- Malware Analysis How Security Companies Assign Names to Malware Specimens
Security companies base malware naming on the CARO scheme, which groups specimens into families by code similarity in a Type/Platform/Family.Variant format. MITRE's Common Malware Enumeration...
- Malware Analysis 3 Free Tools to Fake DNS Responses for Malware Analysis
When analyzing malware behaviorally, intercepting DNS queries lets you redirect network connections to lab systems. Three free tools simplify this: ApateDNS (Windows), FakeDNS (Windows), and...
- Malware How Antivirus Software Works: 4 Detection Techniques
Antivirus tools use four main detection techniques: signature-based (static fingerprints of known malware), heuristics-based (suspicious characteristics without exact matches), behavioral (observing...
- Career I'm Hiring a Manager for My IT Services Team
- Malware Capabilities and Limitations of Enterprise Antimalware Suites
Modern enterprise antimalware suites include traditional AV, spyware and rootkit protection, host firewalls, browser security, email filtering, cloud-based analysis, and centralized management....